PR: 148279
When we set "user-scalable=no" in viewport meta-tag and change any
other WebSettings, the WebPage can turn to be scalable.
This is a regression of the change master_32/SHA:fa0f8ee9. In that
change, we used setUserScalable(webSettings->isUserScalable())
in WebPagePrivate::didChangeSettings which was incorrect for non-DRT
case, as webSettings->isUserScalable() would always return true by
default.
Create a new API WebPage::setUserScalable which will be used in
DumpRenderTree.cpp.

ShadowRoot cannot be removed from its host, which means
ShadowRoot cannot be adopted by any Document directly because the
adoptNode() tries to remove it from its parent but it doesn't make
sense for ShadowRoot.

(WebKit::BuiltInPDFView::pdfDocumentDidLoad):
(WebKit::BuiltInPDFView::calculateSizes):
(WebKit::BuiltInPDFView::paintContent):
Changed m_pdfDocument to PDFDocument, and updated for the changes. We still use
CGPDF when drawing to screen though, because that doesn't affect USPS.

Moved PDF document printing code to WebPageMac.mm, as it's now Objective C.

WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::computePagesForPrintingPDFDocument):
(WebKit::roundCGFloat):
(WebKit::drawPDFPage): While moving, also fixed a logic error in calculating the box
(it used to intersect with an empty box).
(WebKit::WebPage::drawRectToPDFFromPDFDocument):
(WebKit::WebPage::drawPagesToPDFFromPDFDocument):

We were waiting only on the canvas context, which with the new GPU
scheduling was causing the RateLimiter not to ratelimit enough. We
need to insert no-op commands in the compositor context, so that we'll
wait for the canvas context and SwapBuffers as well.

Introduces the notion of slow path code generation closures in the DFG.
These are defined in DFGSlowPathGenerator.h, though they are fairly
extensible so DFGSpeculativeJIT64.cpp and DFGSpeculativeJIT32_64.cpp
define a couple special-purpose ones. A slow path generation closure
(DFG::SlowPathGenerator) is executed after the main speculative path is
generated. This makes them great for scheduling slow path code out of
the way of the hot paths.

This patch also converts most - but not all - of the DFG to use slow
path generators instead of inline slow paths.

The result is a sub-1% improvement on SunSpider and V8, and a minuscule
regression on Kraken.

(WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): minimumValueForLength preserves
sub-pixel precision, so we should avoid unnecessarily using integers.

platform/graphics/FractionalLayoutPoint.h:

(WebCore::FractionalLayoutPoint::FractionalLayoutPoint): Adding an explicit constructor from
FractionalLayoutSizes. This mirrors a method in IntPoint.

rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::paintBorder): The rects that change come from roundedRects,
which are already pixel-snapped.

rendering/RenderBoxModelObject.h: Removing a comment that is no longer applicable.

rendering/RenderTable.cpp:

(WebCore::RenderTable::computeLogicalWidth): Since we layout tables using integers, we
need to explicitly calculate the width to be integral as well to avoid pushing the next element
over by a pixel that we won't later paint with our own box decorations.

rendering/RenderText.h:

(RenderText): Correcting an unfortunate mismatch in the return value of linesBoundingBox
between the header and implementation.

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::getRoundedBorderFor): We were incorrectly not using the snapped border
rect to pass to calcRadiiFor (which takes an IntRect). Correcting this.

The function returned early and the shaders didn't have a chance to be saved. Moving
those two lines before the return false just to make sure that FilterEffectRenderer never adds
itself as a client for a shader without keeping track of that.

No new tests. The problem reproduces with existing tests.
css3/filters/custom/custom-filter-property-computed-style.html
css3/filters/custom/effect-custom-combined-missing.html

For an empty input element, there is no RenderText. Instead, RenderBlock::localCaretRect provides
the caret position for rendering the caret in the empty input element. To get correct caret rect,
textIndentOffset() should be used to adjust the caret's position.

The code as it stands appears to be correct, but static analysis was concerned that value could become null.
This patch adds a null check and ASSERT_NOT_REACHED() to make the code more obviously correct.

Changed LLInt to use a different register. Changed DFG to use one fewer
registers. We should revisit this and switch the DFG to use a different
register instead of r7, but we can do that in a subsequent step since
the performance effect is tiny.

Update the JSC and V8 bindings such that if the name of the DOM
Storage property being retrieved is a match for a property in the
prototype, always return the prototype version. If there is a DOM
Storage key of the same name, it can still be retrieved via the
getItem method. This prevents storage methods from being
accidentally hidden. This brings WebKit behavior in line with the
de facto standard implemented by Firefox and IE.

Reviewed by Kentaro Hara.

Test: storage/domstorage/storage-functions-not-overwritten.html

bindings/js/JSStorageCustom.cpp:

(WebCore::JSStorage::nameGetter):

bindings/v8/custom/V8StorageCustom.cpp:

(WebCore::V8Storage::namedPropertyGetter):

LayoutTests:

Add a test to verify that setting a DOM Storage key with the same name
as a function on the Storage object does not prevent that function
being called, but also that it can still be retrieved via the getItem
function.
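
The lookup order this change describes, as an added JavaScript illustration (not WebKit's binding code): `makeStorage` and its `prototypeFirst` switch are hypothetical names for a Proxy-based stand-in for Storage, and the keys are constructed sample data.

```javascript
// Added illustration, not WebKit code. A Storage-like object whose named
// property getter can resolve names in either order:
//   prototypeFirst = false : a stored key shadows a prototype member (old behaviour)
//   prototypeFirst = true  : a prototype member always wins (behaviour after the change)
function makeStorage(prototypeFirst) {
  const items = new Map(); // backing store for key/value pairs

  // Stand-in for Storage.prototype.
  const proto = {
    getItem(key) { return items.has(key) ? items.get(key) : null; },
    setItem(key, value) { items.set(String(key), String(value)); },
    removeItem(key) { items.delete(String(key)); },
    clear() { items.clear(); },
    get length() { return items.size; },
  };

  return new Proxy(Object.create(proto), {
    // Named property getter: this is where the lookup order is decided.
    get(target, name, receiver) {
      if (typeof name !== 'string') return Reflect.get(target, name, receiver);
      if (prototypeFirst && name in proto) {
        return Reflect.get(target, name, receiver); // prototype version wins
      }
      if (items.has(name)) return items.get(name);  // stored key
      return Reflect.get(target, name, receiver);   // fall back to prototype
    },
    // Named property setter: storage.foo = 'bar' stores a key.
    set(target, name, value) {
      items.set(String(name), String(value));
      return true;
    },
  });
}

// Store a key whose name collides with a method, then observe what a caller sees.
function describeLookup(prototypeFirst) {
  const storage = makeStorage(prototypeFirst);
  storage.setItem('clear', 'user-data'); // constructed key colliding with clear()
  storage.setItem('theme', 'dark');      // constructed ordinary key

  const typeOfClear = typeof storage.clear;
  const viaGetItem = storage.getItem('clear');
  const ordinaryKey = storage.theme;

  // A caller that wants to wipe the store can only do so if clear is still callable.
  if (typeOfClear === 'function') storage.clear();
  const lengthAfterClear = storage.length;

  return { typeOfClear, viaGetItem, ordinaryKey, lengthAfterClear };
}

console.log('stored key first:', describeLookup(false));
console.log('prototype first :', describeLookup(true));
```

With the stored key resolved first, `clear` reads back as a string and the store cannot be emptied through it; with the prototype resolved first, the method stays callable and the colliding key is still reachable through `getItem`.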

Reverting ShadowData to integers, and applying the refactoring from Bug 84098. Also fixing a bug that only showed up in Mac WebKit2 related to the GraphicsContext function roundToDevicePixels, which doesn't when there's no transform (whoops).

(WebCore::v8ExternalString): Make 'isolate' an optional argument.
Ideally we want to make 'isolate' a non-optional argument,
but it is difficult to rewrite all v8ExternalString() callers
at a breath. We can rewrite them incrementally.
(WebCore::v8String): Ditto.
(WebCore::v8StringOrNull): Ditto.
(WebCore::v8StringOrUndefined): Ditto.
(WebCore::v8StringOrFalse): Ditto.

Add setting API to enable or disable WebKit's XSSAuditor to protect
from reflective cross-site scripting attacks. Also, emit the signal
'xss,detected' and provide additional information received from
XSSAuditor when reflected XSS is encountered in the page.

Add missing implementation setXSSAuditorEnabled to EFL's LayoutTestController
in order to unskip tests in http/tests/security/xssAuditor. Also, catch the signal
'xss,detected' in DRT to enable a test, which is expecting a line containing
'didDetectXSS' in the output when reflected XSS is encountered in the page.

The RenderLayer code currently propagates scroll position to parent frames
without any cross-origin checks. This gives it a quick origin boundary check
that is set by FrameLoader only when performing a fragment navigation. This
allows us to safely relax the restriction on not scrolling at load time in
FrameLoader since the safe thing will happen later on at scroll time.

The final objective is to pass Isolate around in V8 bindings.
This patch adds an optional Isolate argument to toV8().
After rewriting all toV8() callers so that they pass Isolate,
I will make the Isolate argument non-optional.

Correct where we do our flooring for tables to be in setting the logical width, instead of at paint time. This avoids a bug where a 1 pixel gap would exist following a table that nothing could be placed in.

This patch implements a simple decision tree in the web page event handler
on the basis of how many active touch points the current touch event has.

Active touch points are pressed, moved or stationary and the number of these
fully determine which gesture recognizer should be updated, cancelled or
finished.

This new structure makes the internal states of the pinch and pan gesture
recognizers independent from the event type, thus makes it possible to handle
the transitions between these gestures in one centralized place which reduces
code duplication and complexity and fixes some issues regarding incorrectly
handled transitions.

Despite having WebKitWebView its own backing buffer, calling
gtk_widget_set_double_buffered(...,FALSE) may still pose side
effects, such as ensuring that all drawing operations are
flushed to the X server before rendering a non-double buffered
widget, which may translate into flickering of the parent
GdkWindow before the WebKitWebView itself is rendered.

Enabling back double buffering solves this as all contents are
first composited together before getting to the front buffer,
but effectively acts as 3rd buffer. This is sort of unavoidable
unless GTK+ gains a "let me take ownership of the backing buffer
for this widget", which currently lacks.

It should not be possible to make a rect in layer space that is clipped
by the camera but for which the screen space transform gives a
rectilinear output. But use consistent methods for checking that the
result remains enclosed within the actual pixels.

One day when clipped is true, we can find an interior axis-aligned rect
within the clipped result, and checking clipped explicitly makes this
more clear.

Implement support for LayoutTestController's dumpFrameLoadCallbacks()
in EFL's DumpRenderTree. We no longer emit the "load,finished" signal
from postProgressFinishedNotification() since it is already emitted
from dispatchDidFinishLoad(). This avoids unwanted extra signals that
prevent some tests from passing (e.g.
http/tests/security/mixedContent/about-blank-iframe-in-main-frame.html).

The asserts were incorrectly triggered because suspending active DOM objects
(which suspends the XMLHttpRequestProgressEventThrottle) doesn't stop JavaScript
from running or suspend any running loader we may have. The previous code would
assume those 2 cases were impossible.

When XmlHttpRequest::open is called or data is received while the XmlHttpRequest object
is suspended the object may attempt to dispatch events. This patch defers these events
until the object is resumed.

Progress events are coalesced similar to normal throttling, and readystate-change events
are coalesced to avoid identical events emitted right after each other.

On resume the events are dispatched after a timer to avoid interfering with
ScriptExecutionContext which is iterating over suspended objects.

The force_static_libs_as_shared feature for the Qt port will remove
hide_symbols from Qt's CONFIG in order to make them visible to other
libraries again.

Due to an evaluation order problem in qmake, the flags for the C++ compiler
that are set by adding hide_symbols to the CONFIG variables get applied
to qmake's C++ compiler flags directly and hence trying to remove these
later will not work and cause build failures when using the force_static_libs_as_shared
feature of the Qt port.

This is fixed by removing the flags that hide the exports from the compiler flags directly.

This change adds a framework to support fixed placeholder string for
textfield-like <input> without the placeholder attribute support. This
doesn't change any behavior of input types which support the
'placeholder' attribute.

According to the standard, <input type=date> doesn't support the
'placeholder' attribute. However it is a kind of text field in WebKit
platforms with ENABLE_CALENDAR_PICKER, and we may show some useful
information as the default placeholder.

m_npWindow.ws_info should be deleted even if the plugin runs in windowless mode to remove a memory leak.
Every plugin works well after this patch without any crash.
Additionally, change casting syntax to C++ style.

The popup was detached from the origin element because
calendarPicker.js resizes its window. To fix this bug, we move the
window position vertically when it is resized.

No new tests. This is not testable in WebKit.

src/WebPagePopupImpl.cpp:

(WebKit::PagePopupChromeClient::setWindowRect):
If this request is just a resize and m_isPutAboveOrigin is true,
update the vertical position so that the popup attaches to the
origin rectangle.
(WebKit::WebPagePopupImpl::WebPagePopupImpl):
Initialize m_isPutAboveOrigin with false.
(WebKit::WebPagePopupImpl::init): Set m_isPutAboveOrigin true.

(layout): If params.isRTL, add dir=rtl to the body.
(DaysTable.prototype._handleKey): Reverse Left and Right cursor keys if RTL.

html/shadow/CalendarPickerElement.cpp:

(WebCore::addProperty): Add addProperty() with a bool value.
(WebCore::CalendarPickerElement::writeDocument):
Check the direction of the first character of localized January label,
and pass it as isRTL property.

Both Node::insertedIntoTree() and Node::insertedIntoDocument() are
served as lifecycle callbacks which are invoked when a node is
inserted into its new parent. There are also removedFromTree()
and removedFromDocument() respectively. Considering that this pair
of virtual functions are laid onto the hot path, it's worth
merging them into one, to gain some speedup. Such
unification could clarify the semantics as well.

This change makes the following changes to merge these functions.

pulling the tree traversal out from ContainerNode to ChildNodeInsertionNotifier.

letting new Node::insertInto() do the job for its own, but not
for its children and

Pass the parent of each insertion root as a parameter of insertedInto().
This root node can tell inserted node where it is inserted,
specifically whether the insertion is to the document or not.

Same pattern is also applied to Node::removedFromDocument() and
Node::removedFromTree(), which are factored to Node::removedFrom()
and ChildNodeRemovalNotifier respectively.

Speed up on Dromaeo/dom-modify.html is about 2%.
Further speed-up by de-virtualization would be possible.

Caveat:

There is a possible situation where a node needs to invoke
insertedInto() after its children are notified, instead of before
that. It was represented naturally with previous
traversal-by-ContainerNode pattern, but is no longer simple with
this new external traversal. To support this scenario, we
introduced the InsertionNotificationRequest as a return value of insertedInto()
and a supplemental hook Node::didNotifyDescendantInseretions(). See for
example HTMLFormElement.cpp to learn how it works.

LocalizedNumberICU.h contains only ICULocale class. It should be
named as ICULocale.h. We're going to move some functions in
LocalizedDateICU.cpp and LocalizedCalendarICU.cpp to ICULocale,
and add unit tests for them.

WebGLLayerChromium used to be responsible for the readback path for software painting WebGL canvases (for
printing, etc), but this path no longer has any compositor interaction. This moves the code into
DrawingBufferChromium which is responsible for managing the front / back buffers for WebGL.

Adds implementation of WebVideoLayer and ports WebMediaPlayerClientImpl over to using it.
WebMediaPlayerClientImpl still exposes a WebCore::VideoLayerChromium* to the compositor via the platformLayer()
interface, but this is temporary until we can change the PlatformLayer typedef over to WebLayer.

(WebCore::InsertionPoint::isActive):
A new public method for checking whether an insertion point is active or inactive.
If active, returns true. Otherwise, false.
(WebCore::InsertionPoint::isShadowBoundary):
Make the method consider whether an insertion point is active or inactive.
(WebCore::InsertionPoint::rendererIsNeeded):
Changed to return true if an insertion point is inactive.
(WebCore::InsertionPoint::attach):
Changed to call only HTMLElement::attach if an insertion point is inactive.
(WebCore::InsertionPoint::detach):
Changed to call only HTMLElement::detach if an insertion point is inactive.

html/shadow/InsertionPoint.h:

(InsertionPoint):
Added isActive public method.

dom/NodeRenderingContext.cpp:

(WebCore::NodeRenderingContext::NodeRenderingContext):
Changed to take into account an insertion point's activeness when parent is an insertion point.
(WebCore::NodeRenderingContext::firstRendererOf):
(WebCore::NodeRenderingContext::lastRendererOf):
Changed to take into account an insertion point's activeness.

Because existing node flags which indicate the class of each node
are mutually exclusive, these flags can be represented as an enum.
This patch introduces Node::NodeTypeTag to turn these flags into an
enum, and embeds it into Node::m_nodeFlags.

In an effort to prevent misuse, we previously decided to have borderBoxRect return a
pixel-snapped IntRect. This is because borderBoxRect returns a rect that's positioned
at (0,0), and therefore won't snap to the same size as the element it's covering.

There are a couple uses of borderBoxRect that don't pixel snap the values and require
sub-pixel precision. This patch adds a pixelSnappedBorderBoxRect that makes the snapping
explicit, and moves uses that would otherwise pixel snap the rect to this version to
avoid producing a rect of the incorrect size. For details about pixel snapping with
LayoutUnits, please see https://trac.webkit.org/wiki/LayoutUnit

Refactored building the stack trace so that we can construct
it earlier, and don't rely on any prior work performed in the
exception handling machinery. Also updated LLInt and the DFG to
completely initialise the callframes of host function calls.

When a page with a full-frame plug-in is restored from the page cache, it needs to re-fetch the plug-in stream.

Fix this by breaking the assumption that a plug-in will always get its data from WebCore if it's a full-frame plug-in;
instead it only gets its data from WebCore if it's a full-frame plug-in that's not being restored from the page cache.

Screen shift down when VKB shows by clicking in an input box MKS_3601371
PR #149846

Reviewed by Rob Buis.

After switching from ScrollView::canOverscroll to ScrollView::constrainsScrollingToContentEdge
we had a less restricted code path allowing/disallowing overscrolling. That caused
some webpages like google.com to get on overscroll when adjusting the scroll
position to ensure the focused input field is visible.

Patch restricts the way we allow overscrolling to the bottom, where the virtual
keyboard pops up from, clamping it to 0, 0 if it tries to
overscroll upwards, and to maximum scroll position if it overscrolls
downwards.

UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::printFrame): When printing is
initiated by WebProcess, all messages from UI process are sent synchronously to
avoid being queued, and so should EndPrinting.

If a layer becomes composited because it needs to clip composited
descendants, or if it has perspective, then it doesn't actually
need its own backing store; its contents can be painted by an
ancestor, and we can just have an empty layer that does the clipping
or applies the perspective transform.

Individual WebBackForwardListProxy's had no idea which items are associated with them.
This adds that association and makes sure the proxy removes all associated items from the PageCache when it closes.

WebProcess/WebPage/WebBackForwardListProxy.cpp:

(WebKit::WebBackForwardListProxy::removeItem): Remove the item from the PageCache in case it was in it.
(WebKit::WebBackForwardListProxy::addItem): Add the item ID to this back/forward list's set of associated IDs.
(WebKit::WebBackForwardListProxy::close): Remove each associated item from the PageCache.

Remove delegation of mousewheel events from lower timeline pane to the timeline overview. This disables
support for moving overview window with horizontal swipe over lower timeline pane, thus removing
an irritating situation when we try to both change overview window and scroll lower timeline pane
upon a single touchpad gesture. Those willing to move timeline window now would need to position
mouse over overview.

Moved the GStreamer initialization logic to a new
GStreamerUtilities module, used by the MediaPlayer and the
AudioContext. I also removed the static variables as
gst_init_check already handles cases where it's called multiple
times.

GL_BGRA is not defined in GLESv2, so it causes build-break at readRenderingResults.
To resolve this, a helper function readPixelsAndConvertToBGRAIfNecessary is added
in GC3DOpenGL.cpp & GC3DOpenGLES.cpp and it's used in GC3DOpenGLCommon.cpp.
And some other issues to build with GLES are gone with this patch.

CSS class and id selectors are case insensitive in non-strict modes. The code
that invalidated the scope elements used getElementByID() which is case
sensitive in all modes. As a result we would fail to invalidate elements
that would match a style rule but used different case in id.

The new code invalidates by crawling the DOM tree. This is often (when there are classes)
actually faster than the existing code as we can now handle everything in a single pass.
Each class scope required a crawl with the old code.

The code uses the same functions as the selector matching code to get the same behavior.

The maximum class limit is lifted as number of classes does not affect complexity anymore.

Added the interface function didReceivedAuthenticaitonChallenge()
in interface class DumpRenderTreeClient;
Called m_dumpRenderTree->didReceiveAuthenticationChallenge() in
WebPagePrivate::authenticationChallenge() when DRT is enabled.

Descriptors of form n-b or -n-b, where b is number, are valid CSS identifiers.
However, in NthChildMode we need to check whether this identifier is a valid nth child descriptor.
The original code only checked this if the string was n- or -n- but this is not enough.
We need to check everything which starts with an n- or -n- prefix.

(JSObject):
(JSC::JSObject::setPropertyStorage): "Atomically" sets the new property storage
and the new structure so that we can be sure a GC never occurs when our Structure
info is out of sync with our PropertyStorage.
(JSC):
(JSC::JSObject::putDirectInternal): Moved the check to see if we should
allocate more backing store before the actual property insertion into
the structure.
(JSC::JSObject::putDirectWithoutTransition): Ditto.
(JSC::JSObject::transitionTo): Ditto.

(JSC::Structure::shouldGrowPropertyStorage): Lets clients know if another insertion
into the Structure would require resizing the property backing store so that they can
preallocate the required storage.
(Structure):

When setFixedVisibleContentRect is called we mark all fixed elements in the frame for layout.
In order to find these elements, RenderView maintains a list of fixed elements.
They are added and removed at the same time that they are added and removed from their parent RenderBlock.
The idea is taken from the iOS5.1 branch, at opensource.apple.com.
Added a manual test that allows removing and adding fixed elements at will.

Turn on the flag setFixedElementsLayoutRelativeToFrame. This causes fixed elements position to be calculated based on
visibleWidth and visibleHeight. When zoom level grows, the visibleWidth and visibleHeight become smaller.

We have two different types of requestContent methods: one on the source mapping level and one on the resource level.
There are also adapters between the two. I'm aligning it all to a single requestContent method declared in ContentProvider.

src/AutofillPopupMenuClient.h: Removed m_separatorIndex because now we use itemID to identify separators.

Added m_useLegacyBehavior which is true when it is initialized with a valid separator index. This is to keep
the autofill working even when the chromium side hasn't been updated yet.
(AutofillPopupMenuClient):

Several fragments of code in TypingCommand can be also used by DictationCommand. So this patch
introduced a new class, TextInsertionBaseCommand. It's a subclass of CompositeEditCommand, and
base class of both TypingCommand and DictationCommand.

This patch also extends InsertTextCommand class. Its constructor will take a TextInsertionMarkerSupplier
object. After text is inserted to a node, InsertTextCommand would give marker supplier a chance to
add document markers to the inserted text.

CMakeLists.txt:

GNUmakefile.list.am:

Target.pri:

WebCore.exp.in:

WebCore.gypi:

WebCore.vcproj/WebCore.vcproj:

WebCore.xcodeproj/project.pbxproj:

dom/Document.cpp:

(WebCore::eventTargetNodeForDocument): Moved this function from EventHandler so that it can be used
by AlternativeTextController.

(WebCore):

dom/Document.h:

(WebCore):

dom/DocumentMarker.cpp:

(WebCore::DocumentMarker::DocumentMarker): New constructor that takes a pointer to DocumentMarkerDetails object.
(WebCore):

This removes all knowledge of CCLayerImpl from LayerRendererChromium. The most significant move code-wise is
moving the HUD up to live on CCLayerTreeHostImpl, since it's aware of the layer tree. This involves two changes.
First, CCHeadsUpDisplay is in charge of populating a ManagedTexture but the actual drawing code now lives in
LayerRendererChromium. Second, since we don't recreate CCLayerTreeHostImpl on a lost context, the font atlas
ownership is much simpler. Now a CCFontAtlas is created on the main thread if needed and passed asynchronously
to the CCHeadsUpDisplay which takes ownership of the atlas.

Currently the CSS parser calls to the Document and StyleSheetInternal objects to get settings, base URL etc.
The required information should be passed in on parser construction instead. The parser should not need to
know about the document at all.

The patch adds CSSParserContext struct that captures the parsing context. StyleSheetInternal saves the
parsing context and reuses it for any further parsing.

If the same stylesheet source is parsed with an identical context then the resulting stylesheet structure will
be identical. This will allow sharing parsed stylesheets in the future.

Remove the implicit assumption that a dataURL is the only desired output format
of the image encoding phase.

No new tests. Covered by existing canvas toDataURL tests.

platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::writeFunction): Rename closure to output.
(WebCore::encodeImage): Output the encoded image to the provided Vector<char>.
PNG format is only supported per the Cairo encoding MIMETypeRegistry.
(WebCore):
(WebCore::ImageBuffer::toDataURL): Refactor to use encodeImage().

Add a boolean flag indicating whether Bridge::initialize() has exited without receiving
a pointer to the peer object.

Modules/websockets/WorkerThreadableWebSocketChannel.cpp:

(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::create):
(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::WorkerContextDidInitializeTask):
(WebCore::WorkerThreadableWebSocketChannel::WorkerContextDidInitializeTask::performTask):
Kick mainThreadDestroy() to delete the peer if the bridge has failed to receive
a pointer to the peer (waitForMethodCompletion() exited due to message queue's
termination).
(WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadInitialize):
(WebCore::WorkerThreadableWebSocketChannel::Bridge::initialize):

Modules/websockets/WorkerThreadableWebSocketChannel.h:

(WorkerThreadableWebSocketChannel):
Make WorkerContextDidInitializeTask an inner class of WorkerThreadableWebSocketChannel
so it can refer WorkerThreadableWebSocketChannel's static member function (mainThreadDestroy()).

Update CalendarPickerElement and MediaControlElements to use
pixelSnappedSize in preparation for turning on subpixel support.
Update RenderScrollbarPart to pixel snap rect before painting to ensure
that it is painted on device pixel boundaries.

WebProcess's default cache model is DocumentViewer. When DocumentViewer model is on,
the PageCache's capacity is set to 0. Tests that are enabling 'WebKitUsesPageCachePreferenceKey' expect
PageCache to be functional.

(WebCore::writeFunction): Return write success or failure with the appropriate
cairo status code per http://cairographics.org/manual/cairo-PNG-Support.html
(WebCore::ImageBuffer::toDataURL): Add mimeType ASSERT()s. <canvas> ensures that
a valid mimeType (supported by the port) is sent to toDataURL() calls. Check for
encoding failure and return "data:," if so.

When a LTH becomes invisible, the texture eviction is spread out across
two different functions and is not entirely clear. We move all the logic
together into a single place in didBecomeInvisibleOnImplThread() and
make the consequences of the current code more clear.

We remove the memory restriction on web pages based on viewport size
on desktop. This is causing pages that have complex use of layers to
end up hitting our memory limits, and more so when the window is small.
Page complexity is not really a function of the viewport size.

We drop the minimum memory limit entirely, and just evict all
unprotected textures instead.

The named flow content nodes collection contains those nodes with webkitFlowInto property set to 'flow'.
In the list, the nodes are placed in document order. Nodes with display:none are also part of the list.
The list of nodes is returned as a static node list.

The content nodes are stored in RenderNamedFlowThread. The content nodes are added to the list in NodeRenderingContext::moveToFlowThreadIfNeeded
and removed from the list in Element::detach. When an element's -webkit-flow-into property is changed, the element is detached and attached.
I have also added a bit in NodeFlags to mark that an element is part of a named flow (and the corresponding inNamedFlow/setInNamedFlow/clearInNamedFlow functions).

The goal of this test is to remind us whenever we add something to the
global scope. In practice, however, this test is a lot of work to
maintain because every port has different features enabled, which means
every port has a different list of things in the global scope. It's
very difficult to make changes without causing this test to go red on a
number of bots.

Rather than use this test to monitor the global scope, we're better off
paying attention to the IDL files. If folks are interested in changes
to what is exposed to JavaScript, they can subscribe to IDL changes
using a watchlist. (That's what I do, and it works pretty well.)

No new tests; DRT and WKTR don't have the infrastructure to test full-screen animation related bugs.

Instead of asking the media element whether it is in full screen or not, rely on when the media root element
was told that it enteredFullscreen() or exitedFullscreen(), which may occur at a different time than the
media element due to animations.

So that the media controls don't show up momentarily during full screen animations, call setAnimatingFullScreen(true)
before calling will{Enter,Exit}FullScreen(), so that the CSS rule for full screen animation will be in effect
immediately.

Similarly, call setAnimatingFullScreen(false) after calling did{Enter,Exit}FullScreen, so that the full screen media
controls don't momentarily appear at the end of an animation.

Regressed in r110409. When the -webkit-media-controls-panel was changed
from position:absolute to position:relative, this broke dragging of the
controls in fullscreen, which relies on the panel being absolutely positioned
to do its drag positioning. Change the way drag positioning is calculated to
accommodate position:relative.

An extremely large element causes problems with filters, either by
taking too long to compute the output or using too much memory. The
filter engine already has some constants for maximum expected size.
Make sure the render tree checks them before deciding to apply
effects.

As of today, any FrameView attached to the Widget-tree or any
RenderLayer whose corresponding RenderBox's style has an 'overflow'
property set to 'auto' is cached in its containing scrollable areas set.
We could be more restrictive about what we in fact want to
cache as scrollable areas, by checking if the element has an overflow
(i.e. more content than its viewport).

page/FrameView.cpp:

(WebCore::FrameView::setFrameRect):

Whenever the viewport changes, check if we have a scrollable/overflowed
content, and update the cache accordingly.

(WebCore::FrameView::setContentsSize):

Whenever the contents size changes, check if we have a scrollable/overflowed
content, and update the cache accordingly.

(WebCore::FrameView::calculateScrollbarModesForLayout):

Introduces a way to query for the scrollbars by only
taking into account the "rules" set by the web author.
For that, a new enum was added called ScrollbarModesCalculationStrategy,
which allows callers to discard for example client-side scrollbar policies
in order to verify if a given frameview is scrollable or not.

(WebCore::FrameView::updateScrollableAreaSet):

Take into account various factors before considering a FrameView as
scrollable. If in the end it is, it gets added to its parent FrameView
scrollable areas map, otherwise removed.

(WebCore):
(WebCore::FrameView::addScrollableArea):

Became unneeded, thus removed.

(WebCore::FrameView::removeScrollableArea):

Whenever a FrameView is removed from the Widget-tree,
remove it from the cache.

Currently CSSParser sets usesRemUnits flag directly to Document. It should be set to
the stylesheet instead so parser does not need to know about the document. This also
avoids setting the flag unnecessarily when the stylesheet is not used.

Remove VideoFrameChromium wrapper and converts WebCore code to using the Platform WebVideoFrame API directly.
Some utility code that previously existed on VideoFrameChromium and only had one caller, such as doing
width/height adjustments for YV12 frames, is moved into the calling code (CCVideoLayerImpl).

[chromium] Now that the chromium port is using a different dom_storage backend
library in its main browser process, there are a handful of files that should no
longer be included in the build, and a few files that should be deleted
outright, and the webkit api should be modified to reflect the new (and smaller)
contract between the embedder and webkit/webcore.
https://bugs.webkit.org/show_bug.cgi?id=83807

Reviewed by Adam Barth.

Source/WebCore:

No new tests, existing tests apply.

WebCore.gyp/WebCore.gyp: Exclude several files from the WebCore/storage directory.

storage/StorageEventDispatcher.h: Delete a stale comment.

Source/WebKit/chromium:

WebKit.gyp: Delete a few files.

public/WebStorageNamespace.h: Remove some unused data members and methods, and annotate close() as deprecated.

public/platform/WebKitPlatformSupport.h: Annotate a method as deprecated.

(WebCore::CanvasRenderingContext2D::getImageData): Added this cover function that calls
through to getImageData with LogicalCoordinateSystem.
(WebCore::CanvasRenderingContext2D::webkitGetImageDataHD): Added. Calls through to
getImageData with BackingStoreCoordinateSystem.
(WebCore::CanvasRenderingContext2D::getImageData): Added a CoordinateSystem parameter to this
now-private function. It is passed through to ImageBuffer::getUnmultipliedImageData().
(WebCore::CanvasRenderingContext2D::putImageData): Added this cover function that calls
through to putImageData with LogicalCoordinateSystem.
(WebCore::CanvasRenderingContext2D::webkitPutImageDataHD): Added. Calls through to
putImageData with BackingStoreCoordinateSystem.
(WebCore::CanvasRenderingContext2D::putImageData): Added a CoordinateSystem parameter to this
function. It is passed through to ImageBuffer::putByteArray, and used to compute the rect to
invalidate after the drawing operation.

platform/graphics/ImageBuffer.h: Added a CoordinateSystem enum with the values
LogicalCoordinateSystem and BackingStoreCoordinateSystem. Added a CoordinateSystem parameter,
which defaults to LogicalCoordinateSystem, to getUnmultipliedImageData,
getPremultipliedImageData, and putByteArray.

(WebCore::ImageBuffer::getUnmultipliedImageData): Now uses the CoordinateSystem parameter to
decide whether to ask ImageBufferData::getData() to apply the resolution scale or not.
(WebCore::ImageBuffer::getPremultipliedImageData): Ditto.
(WebCore::ImageBuffer::putByteArray): Now uses the CoordinateSystem parameter to decide
whether to maintain the resolution scale while drawing or not.
(WebCore::ImageBuffer::toDataURL):

Unskip PageLoad directory and skip tests that load too fast (less than 100ms) and are unstable,
and the ones that take too long to load (more than 20s).

Skipped:

Tools:

Add support for page loading tests. These are tests without any test running harnesses, and we use
DriverOutput's test_timeout to measure the loading time.

Extracted PerfTest.run and PerfTest.run_failed from PerfTestRunner._run_single_test.

Scripts/webkitpy/performance_tests/perftest.py:

(PerfTest.run):
(PerfTest):
(PerfTest.run_failed):
(PerfTest.parse_output):
(PerfTest.output_statistics):
(ChromiumStylePerfTest.parse_output):
(PageLoadingPerfTest): Added.
(PageLoadingPerfTest.__init__):
(PageLoadingPerfTest.run): Run the driver 20 times to get the statistics for the loading time.

The last item that was needed to make the CCHeadsUpDisplay work in
threaded compositing mode was to remove the font rendering code
used on the impl-side thread. To solve this, this patch adds a
CCFontAtlas that is initialized on the main thread (where the font
rendering takes place). Then, when the HUD draws text on the impl
thread, it uses the font atlas directly.

This is a regression from r110072. I wrongly thought we should call ensureLayer if we create our RenderOverflow.
However the current overflow code removes the before and start overflows (like in horizontal writing mode with ltr direction,
we never have a top or a left overflow). Because of that we would not get a RenderLayer as expected and the overflow clip rects
would be wrong on our RenderLayer children.

rendering/RenderBox.cpp:

(WebCore::RenderBox::addLayoutOverflow):
Moved the ensureLayer() call after the check that we do have some overflow but before we remove the overflow in some directions.

When we stop in the inline script on reload, we should only show concatenated script content.
When we resume, we should replace UI source code with the actual HTML content. We should not attempt to
fetch resource content until request finished loading. I regressed it in the Request extraction
and now am bringing it back.

Revert the previous way of dealing with things. The problem is that different layers
would end up rounding in different directions, and would cause jittering between
layers or with the QQuickWebPage's background.

platform/graphics/texmap/TextureMapperGL.cpp:

(WebCore::TextureMapperGL::drawTexture):

Source/WebKit2:

Do the alignment on the highest level possible: the QQuickFlickable content item
position. It already supports this with setPixelAligned which rounds the content item's position.

Also move the setClip(true) to the common constructor as this constructor is currently only used by WTR.

Remove setFlags(QQuickItem::ItemClipsChildrenToShape) as it is redundant with setClip(true).

There are a number of random properties created on Resource and NetworkRequest that represent various url
fragments. Display name is being based on them and sometimes requires fake Resource instance to be created.
This change (officially) introduces WebInspector.ParsedURL as a type that encapsulates this complexity.

This change also moves documentURL property into the Resource and NetworkRequest constructors and brushes up
factory methods used to create the objects.

This change extracts NetworkRequest from the Resource. It is now clear that these two
should have a super class that would be responsible for parsing URL and would define the
requestContent signature. Corresponding patch will follow.

WK2 has compositing mode on all the time, while WK1 turns it on only when
the page has composited content. This patch ensures that, when delegates scrolling behavior
is changed, backing stores are cleared only when there's an actual composition,
similarly to what CachedFrame does.

We were manually including the directories needed from WTF, instead of
using the WEBKIT qmake variable to add dependencies, which also adds
other tricks from WTF.pri, such as the right include paths for ICU.

As part of auditing all the ways of kicking off a navigation, I
happened to read JSDocument::setLocation, which uses very old patterns.
This patch updates it to do things the "modern" way. There shouldn't
be any behavior change.